You are here
Home > Preporuke > Sigurnosni propust programskog paketa python-jwt

Sigurnosni propust programskog paketa python-jwt

by ncert - 0

——————————————————————————–
Fedora Update Notification
FEDORA-2015-10249
2015-06-20 13:38:05
——————————————————————————–

Name : python-jwt
Product : Fedora 21
Version : 1.3.0
Release : 1.fc21
URL : http://pypi.python.org/pypi/pyjwt
Summary : JSON Web Token implementation in Python
Description :
A Python implementation of JSON Web Token draft 01. This library provides a
means of representing signed content using JSON data structures, including
claims to be transferred between two parties encoded as digitally signed and
encrypted JSON objects.

——————————————————————————–
Update Information:

Latest upstream with security fix for http://seclists.org/oss-sec/2015/q2/3 https://github.com/jpadilla/pyjwt/commit/88a9fc56bdc6c870aa6af93bda401414a217db2a
——————————————————————————–
References:

[ 1 ] Bug #1231173 – python-jwt: token verification bypass with “none” algorithm
https://bugzilla.redhat.com/show_bug.cgi?id=1231173
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update python-jwt’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2015-10350
2015-06-20 13:45:56
——————————————————————————–

Name : python-jwt
Product : Fedora 22
Version : 1.3.0
Release : 1.fc22
URL : http://pypi.python.org/pypi/pyjwt
Summary : JSON Web Token implementation in Python
Description :
A Python implementation of JSON Web Token draft 01. This library provides a
means of representing signed content using JSON data structures, including
claims to be transferred between two parties encoded as digitally signed and
encrypted JSON objects.

——————————————————————————–
Update Information:

Latest upstream with security fix for http://seclists.org/oss-sec/2015/q2/3 https://github.com/jpadilla/pyjwt/commit/88a9fc56bdc6c870aa6af93bda401414a217db2a
——————————————————————————–
ChangeLog:

* Wed Jun 17 2015 Ralph Bean <rbean@redhat.com> – 1.3.0-1
– new version
– start running the test suite.
* Fri Mar 27 2015 Ralph Bean <rbean@redhat.com> – 1.0.1-1
– new version
* Thu Mar 19 2015 Ralph Bean <rbean@redhat.com> – 1.0.0-1
– new version
——————————————————————————–
References:

[ 1 ] Bug #1231173 – python-jwt: token verification bypass with “none” algorithm
https://bugzilla.redhat.com/show_bug.cgi?id=1231173
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update python-jwt’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

ncert
Top
More in Preporuke
Ranjivost programskog paketa chicken

Otkrivena je ranjivost u programskom paketu chicken za Fedoru. Ranjivost je posljedica čitanja podataka izvan granica dodijeljene memorije u proceduri...

Close